urlscan.io logo urlscan.io
SecurityTrails logo

mhbhvi.tireshellfrom.xyz Open in urlscan Pro
5.189.217.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bensnd.us/
Effective URL: https://mhbhvi.tireshellfrom.xyz/xafxytqm/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170&f=1&sid=t4~qx452mw2on0mjavuk51ug4s3&...
Submission: On March 12 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 8 domains to perform 11 HTTP transactions. The main IP is 5.189.217.115, located in and belongs to . The main domain is mhbhvi.tireshellfrom.xyz.
TLS certificate: Issued by R3 on March 12th 2022. Valid for: 3 months.
This is the only time mhbhvi.tireshellfrom.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 54.83.17.27 14618 (AMAZON-AES)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
2 5.101.47.96 209813 (FASTCONTENT)
1 5.189.217.115 ()
11 6
1    2606:4700:3036::ac43:a618 (United States)

ASN13335 (CLOUDFLARENET, US)
bensnd.us
2    54.83.17.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-17-27.compute-1.amazonaws.com
httpslink.com
3    2606:4700:3033::ac43:81a4 (United States)

ASN13335 (CLOUDFLARENET, US)
myclick-2.com
3    2607:f8b0:4006:817::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4023:1407::9c (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    5.101.47.96 (Fremont, United States)

ASN209813 (FASTCONTENT, DE)
mega-prizes.life
1    5.189.217.115 (None, )

ASN- ()
mhbhvi.tireshellfrom.xyz
Apex Domain
Subdomains		 Transfer
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
3 myclick-2.com
myclick-2.com
14 KB
2 mega-prizes.life
mega-prizes.life
88 KB
2 httpslink.com
httpslink.com — Cisco Umbrella Rank: 284518
680 B
1 tireshellfrom.xyz
mhbhvi.tireshellfrom.xyz
2 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
437 B
1 bensnd.us
bensnd.us
690 B
0 rockstorageplace.com Failed
rockstorageplace.com Failed
11 8
Domain Requested by
3 www.google-analytics.com myclick-2.com
www.google-analytics.com
3 myclick-2.com myclick-2.com
2 mega-prizes.life myclick-2.com
mega-prizes.life
2 httpslink.com 2 redirects
1 mhbhvi.tireshellfrom.xyz mega-prizes.life
1 stats.g.doubleclick.net www.google-analytics.com
1 bensnd.us 1 redirects
0 rockstorageplace.com Failed mhbhvi.tireshellfrom.xyz
11 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-30 -
2022-12-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
mega-prizes.life
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
*.tireshellfrom.xyz
R3		 2022-03-12 -
2022-06-10		 3 months crt.sh

This page contains 2 frames:

Frame: https://rockstorageplace.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D
Frame ID: 2B046E2A567C88DC60D873CC84845B1B
Requests: 10 HTTP requests in this frame

Frame: https://mega-prizes.life/media/mainstream/frame.html
Frame ID: A3DE027D564D322230AE982FAA7DDEE7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bensnd.us/ HTTP 301
    https://httpslink.com/h0s3 HTTP 302
    https://httpslink.com/w0ve HTTP 302
    https://myclick-2.com/p/0l1n/fHFs/TiBH Page URL
  2. https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170 Page URL
  3. https://mhbhvi.tireshellfrom.xyz/xafxytqm/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170&f=1&sid=t4~qx452... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

11
Requests

91 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

6
IPs

1
Countries

124 kB
Transfer

171 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bensnd.us/ HTTP 301
    https://httpslink.com/h0s3 HTTP 302
    https://httpslink.com/w0ve HTTP 302
    https://myclick-2.com/p/0l1n/fHFs/TiBH Page URL
  2. https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170 Page URL
  3. https://mhbhvi.tireshellfrom.xyz/xafxytqm/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170&f=1&sid=t4~qx452mw2on0mjavuk51ug4s3&fp=cvxz0Y0klq%2BqHOwHQueQ4qt8k3hvey8HMM4qYxJ9Xn0q8T9jEjRjpmQAYCP65lDm2MvUlVc%2FTEGXlPl3UYMB02Pz4taQs4eZ050RfXLDa9Bu2yxLQKayvvttdEup39BKMjaNTRcsV2d2DQ2d0jyGrv7Of6s0P39jDhy3mEHpbcEfafzvzc4OLGGTBryUWbfmSQuC%2FuZ%2BWuHISe5gOXFrCMUBvc8mfYwL6FIOG8YZFVO4XOsfUlpQwTAXqajSWCj8VQ%2B0s4S%2BB0GfDJhl%2FT5nU8eBEFlkHmLGBegYzOrR%2B74oBahSp1pfQJGzJ%2B6JexEu8VuyXUkqEDbf4yrRYLwe6rRFdq92%2BqxwQ9neBe1zYpJi4%2FPMlavGX13bEp1JalkJMVwqz97FFPoMQ6DvP%2Fti3MHaRxVrZMb0H%2FJuUrB6V7iiixt%2Bndyz3%2FDZiOAVGStVyg29WNscSGqUUoSkMNFK98HDIIGKrp2Ij7Swf9PSGS2vBOW7N4QqFN0kgv6IBaOqXeLy921Skd1fJ1y8iPu13LIiec%2F6%2FG4ZDHqMFta9B4jnqW7YB%2F8YuKm8ml1Bsfk9mEBhKtZpyxAwDQDQzTF0wcn%2BZl9tOBNd%2FiBsE1DvsMR1dIgcT5xnnt%2Fon4bhDEXuh64bao%2F2CtfLo2CX1xszqkRCPKSxhCss4YA3AdM%2B5cGi0tz2IFM8CqltiCp04bfcPzKPji20qJ0P1iXCKEUrxVr5i7OpT6EKevT5cjxZIuVz1%2BolOHPZXgNSavwpQipKbIGhwaCEN5gTWWG9dvAtDFhpjr6TVS%2By0yVd3fvPc6u%2BOzKoynAOe7sHk6XdUWf1oV3ERLJgp2hRe6hVppm5Qn2pWyDwzLQHA%2F0vgEBZw4N1OPhA7fBeQregflQxIibR12hYttPHk3Ea02D9FKSUQlSH7Mr%2BVgBFQJBdazKDGDxhc12J0DlVy4SchEkXT5UdytptjnUXbMnV1oZGwaOq%2Fu71m1mK3Az2QBdu%2B8AAXD9EaWFjJCYVwtRUlJKu1xBk%2Fzi1zhBrXBSFKTyhZspIb7eL1NpPqOPgAD%2FDYMZiFq%2BfeC9%2F7gPdu5c2n2bsu3fevIh4wQUCAsAXyKy0YotPK25rferwYkY7y5mNTJvQZoimFMSEJmjO30NNDJlv9kuUNUt0aXfbbFVFUV%2BhU5rcSU6FwAibmIlfjWTQvQFsfaWNPd3S0GrpThrXXqhwlmaw3iPjlAilOlMPG01A5FjY2CfP%2Boi2%2BpcSqM0MZ1VgH836ViViEoNom0f71ncUtM6mbz3pTL1fmfonYxJUsR748kLWQ0nSszfW3pTI5KxI%2FJiewEMkhZmDqfpLiantvkwFXtuVagHylK2LeHHJ18LYx54aV6LDxfd3fIxsTz9PjCmmtEvsPoBqnc67IZr1MSCs0niY4rVQ2nVo0fwBjxGoobqPLpidZoJcbfFuG5eroxkXw6Q%2Fmu4s032znU8a8lshjrwDt3rsnd37LXDzi%2F%2FiEqX5YVPyF6MF3w7id88tsTYbgUue%2BHp0HV1sP50whWW%2B9XuN47tjMDKjklDWM53cLTO5W9a9aXjb7GA6eFWUQuK5raKT2JkPLv4imgIPrIfwS%2BerlaCADpvfmICROedCDidxnTf1otP9LQWowhnJoDOh1CdHK6hvxVmBm5YpvwKKr5BHkegiec0N3Z348TNP1wCp8Nc4k7voWvKDLXe2x19vA4I%2BMTEc2ip6N7r5UETuhf2rvYBLJd4yc4lNSfcaRM42HS6t3OwQkxpNjA7uHf31PfrEEOhKUk0SKY4ozz7Dw0V55u2bQFfKgPQ5jjRGOmzvyebQsjXJ%2Fs9W77%2B5XMw%2BetgJadE6eTRDPqscCYHmbTJOtC04zd2QdvOYRFlZ13rTt5Kx8TQqoIWDVY1UQxSS6BmP8Mdc0LjDlP9aWmePK28BOkQBKhgja8x3lv%2BfaPRflNpBUHPdEDq%2Fxy%2B%2BbOJiz7ySQFcyBLKbjYqZf%2B%2BeYz6O6x4WyDZHvz2sPeRQmg%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bensnd.us/ HTTP 301
  • https://httpslink.com/h0s3 HTTP 302
  • https://httpslink.com/w0ve HTTP 302
  • https://myclick-2.com/p/0l1n/fHFs/TiBH
Request Chain 9
  • https://mhbhvi.tireshellfrom.xyz/web/?sid=t4~qx452mw2on0mjavuk51ug4s3 HTTP 302
  • https://rockstorageplace.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
TiBH
myclick-2.com/p/0l1n/fHFs/
Redirect Chain
  • http://bensnd.us/
  • https://httpslink.com/h0s3
  • https://httpslink.com/w0ve
  • https://myclick-2.com/p/0l1n/fHFs/TiBH
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myclick-2.com/p/0l1n/fHFs/TiBH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:81a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5aacd65ad911376c67091b8c04aff7937def61f308ed5cd9f88f22196cf36a6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Sat, 12 Mar 2022 14:32:42 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, private
x-robots-tag
noindex, nofollow
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6iNpesMa%2FH8GIQ1b9UCRrlfyh7qU5C7kqyvzEbr6mC5jiWXZo71lfKGJVuAi%2FO5RwEOYgKSnSyimkIJ5vYRhGOe6t2xivsA61XTjCaFGld%2FIjhmaIh8doKbA%2BtrMWLYYwc2Tsassk5Xpp3R"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ead3d9cbd73159b-EWR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Cache-Control
no-cache, no-store
Date
Sat, 12 Mar 2022 14:32:41 GMT
Engine
clickmeter.redirect, version 2.0
Expires
-1
Location
https://myclick-2.com/p/0l1n/fHFs/TiBH
X-Rate-Limit-Limit
20s
X-Rate-Limit-Remaining
299
X-Rate-Limit-Reset
2022-03-12T14:33:01.6123000Z
Content-Length
0
Connection
keep-alive
app.js
myclick-2.com/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myclick-2.com/js/app.js?id=8bd454b4c27f257a9cb1
Requested by
Host: myclick-2.com
URL: https://myclick-2.com/p/0l1n/fHFs/TiBH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:81a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404eaf6b5a1c24e8215fc66cdf8426c3207b53986b4e3ffa93a361ecdb733f62

Request headers

device-memory
8
Referer
https://myclick-2.com/p/0l1n/fHFs/TiBH
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:32:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Feb 2022 12:26:29 GMT
server
cloudflare
age
6538
etag
W/"620655f5-7ff7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6WfTnmIje2OyFF%2FVprpKbQL1yo%2BlIMrlmEmMmJFm4ATEu7Ykg2JYh24vvQsUWUvLkcAzzIYP%2FnZVCiNl3XsUepXf9diGZDoqKVvkFW5rth%2F81rT2kesdMYdZQIQ6LYxT6zh%2BwA%2B9O9WutLv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ead3da019df159b-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: myclick-2.com
URL: https://myclick-2.com/p/0l1n/fHFs/TiBH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://myclick-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6526
date
Sat, 12 Mar 2022 12:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 12 Mar 2022 14:43:56 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1166493208&t=pageview&_s=1&dl=https%3A%2F%2Fmyclick-2.com%2Fp%2F0l1n%2FfHFs%2FTiBH&ul=en-us&de=UTF-8&dt=myclick-2.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1801375708&gjid=78977621&cid=162769443.1647095562&tid=UA-110090096-2&_gid=1081868322.1647095562&_r=1&_slc=1&z=699979188
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myclick-2.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 14:32:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myclick-2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myclick-2.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 14:32:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://myclick-2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
myclick-2.com/ 		20 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://myclick-2.com/finger
Requested by
Host: myclick-2.com
URL: https://myclick-2.com/js/app.js?id=8bd454b4c27f257a9cb1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:81a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

device-memory
8
Referer
https://myclick-2.com/p/0l1n/fHFs/TiBH
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 12 Mar 2022 14:32:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B7HhG%2BDQQEhAN1JNPTZ9tuC7SBcu75wfwnLA3Op5TVRLUN8E8ARgUN3b0TUGTgMPaV%2F%2Fc86x5fW41d%2FdQ3ogprG%2BjpyIO3OMA%2Fo0d7%2FlCFot6eIx0Ct4vnV2nFVRuRy0JTky1Ye9LHtxcH%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
6ead3da1f8918ce2-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-110090096-2&cid=162769443.1647095562&jid=1801375708&gjid=78977621&_gid=1081868322.1647095562&_u=IEBAAEAAAAAAAC~&z=803898240
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1407::9c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://myclick-2.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 12 Mar 2022 14:32:42 GMT
content-type
text/plain
access-control-allow-origin
https://myclick-2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
mega-prizes.life/ 		87 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170
Requested by
Host: myclick-2.com
URL: https://myclick-2.com/js/app.js?id=8bd454b4c27f257a9cb1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.101.47.96 Fremont, United States, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
20faee6191c40f7749241fe308f726fc485a71a9b22409629ae13ccc7372ae00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://myclick-2.com/

Response headers

Server
nginx
Date
Sat, 12 Mar 2022 14:32:44 GMT
Content-Type
text/html
Content-Length
89336
Connection
keep-alive
Cache-Control
private no-transform
frame.html
mega-prizes.life/media/mainstream/ Frame A3DE 		39 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mega-prizes.life/media/mainstream/frame.html
Requested by
Host: mega-prizes.life
URL: https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.101.47.96 Fremont, United States, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170

Response headers

Server
nginx
Date
Sat, 12 Mar 2022 14:32:44 GMT
Content-Type
text/html
Content-Length
39
Connection
keep-alive
Last-Modified
Thu, 20 May 2021 10:23:22 GMT
Vary
Accept-Encoding
ETag
"60a6389a-27"
Cache-Control
no-transform
Accept-Ranges
bytes
Primary Request /
mhbhvi.tireshellfrom.xyz/xafxytqm/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mhbhvi.tireshellfrom.xyz/xafxytqm/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170&f=1&sid=t4~qx452mw2on0mjavuk51ug4s3&fp=cvxz0Y0klq%2BqHOwHQueQ4qt8k3hvey8HMM4qYxJ9Xn0q8T9jEjRjpmQAYCP65lDm2MvUlVc%2FTEGXlPl3UYMB02Pz4taQs4eZ050RfXLDa9Bu2yxLQKayvvttdEup39BKMjaNTRcsV2d2DQ2d0jyGrv7Of6s0P39jDhy3mEHpbcEfafzvzc4OLGGTBryUWbfmSQuC%2FuZ%2BWuHISe5gOXFrCMUBvc8mfYwL6FIOG8YZFVO4XOsfUlpQwTAXqajSWCj8VQ%2B0s4S%2BB0GfDJhl%2FT5nU8eBEFlkHmLGBegYzOrR%2B74oBahSp1pfQJGzJ%2B6JexEu8VuyXUkqEDbf4yrRYLwe6rRFdq92%2BqxwQ9neBe1zYpJi4%2FPMlavGX13bEp1JalkJMVwqz97FFPoMQ6DvP%2Fti3MHaRxVrZMb0H%2FJuUrB6V7iiixt%2Bndyz3%2FDZiOAVGStVyg29WNscSGqUUoSkMNFK98HDIIGKrp2Ij7Swf9PSGS2vBOW7N4QqFN0kgv6IBaOqXeLy921Skd1fJ1y8iPu13LIiec%2F6%2FG4ZDHqMFta9B4jnqW7YB%2F8YuKm8ml1Bsfk9mEBhKtZpyxAwDQDQzTF0wcn%2BZl9tOBNd%2FiBsE1DvsMR1dIgcT5xnnt%2Fon4bhDEXuh64bao%2F2CtfLo2CX1xszqkRCPKSxhCss4YA3AdM%2B5cGi0tz2IFM8CqltiCp04bfcPzKPji20qJ0P1iXCKEUrxVr5i7OpT6EKevT5cjxZIuVz1%2BolOHPZXgNSavwpQipKbIGhwaCEN5gTWWG9dvAtDFhpjr6TVS%2By0yVd3fvPc6u%2BOzKoynAOe7sHk6XdUWf1oV3ERLJgp2hRe6hVppm5Qn2pWyDwzLQHA%2F0vgEBZw4N1OPhA7fBeQregflQxIibR12hYttPHk3Ea02D9FKSUQlSH7Mr%2BVgBFQJBdazKDGDxhc12J0DlVy4SchEkXT5UdytptjnUXbMnV1oZGwaOq%2Fu71m1mK3Az2QBdu%2B8AAXD9EaWFjJCYVwtRUlJKu1xBk%2Fzi1zhBrXBSFKTyhZspIb7eL1NpPqOPgAD%2FDYMZiFq%2BfeC9%2F7gPdu5c2n2bsu3fevIh4wQUCAsAXyKy0YotPK25rferwYkY7y5mNTJvQZoimFMSEJmjO30NNDJlv9kuUNUt0aXfbbFVFUV%2BhU5rcSU6FwAibmIlfjWTQvQFsfaWNPd3S0GrpThrXXqhwlmaw3iPjlAilOlMPG01A5FjY2CfP%2Boi2%2BpcSqM0MZ1VgH836ViViEoNom0f71ncUtM6mbz3pTL1fmfonYxJUsR748kLWQ0nSszfW3pTI5KxI%2FJiewEMkhZmDqfpLiantvkwFXtuVagHylK2LeHHJ18LYx54aV6LDxfd3fIxsTz9PjCmmtEvsPoBqnc67IZr1MSCs0niY4rVQ2nVo0fwBjxGoobqPLpidZoJcbfFuG5eroxkXw6Q%2Fmu4s032znU8a8lshjrwDt3rsnd37LXDzi%2F%2FiEqX5YVPyF6MF3w7id88tsTYbgUue%2BHp0HV1sP50whWW%2B9XuN47tjMDKjklDWM53cLTO5W9a9aXjb7GA6eFWUQuK5raKT2JkPLv4imgIPrIfwS%2BerlaCADpvfmICROedCDidxnTf1otP9LQWowhnJoDOh1CdHK6hvxVmBm5YpvwKKr5BHkegiec0N3Z348TNP1wCp8Nc4k7voWvKDLXe2x19vA4I%2BMTEc2ip6N7r5UETuhf2rvYBLJd4yc4lNSfcaRM42HS6t3OwQkxpNjA7uHf31PfrEEOhKUk0SKY4ozz7Dw0V55u2bQFfKgPQ5jjRGOmzvyebQsjXJ%2Fs9W77%2B5XMw%2BetgJadE6eTRDPqscCYHmbTJOtC04zd2QdvOYRFlZ13rTt5Kx8TQqoIWDVY1UQxSS6BmP8Mdc0LjDlP9aWmePK28BOkQBKhgja8x3lv%2BfaPRflNpBUHPdEDq%2Fxy%2B%2BbOJiz7ySQFcyBLKbjYqZf%2B%2BeYz6O6x4WyDZHvz2sPeRQmg%3D%3D
Requested by
Host: mega-prizes.life
URL: https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-VCqtJn3Y&t=428170
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.189.217.115 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://mega-prizes.life/

Response headers

Server
nginx
Date
Sat, 12 Mar 2022 14:32:46 GMT
Content-Type
text/html
Content-Length
1598
Connection
keep-alive
Cache-Control
private no-transform
/
rockstorageplace.com/
Redirect Chain
  • https://mhbhvi.tireshellfrom.xyz/web/?sid=t4~qx452mw2on0mjavuk51ug4s3
  • https://rockstorageplace.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rockstorageplace.com
URL
https://rockstorageplace.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

7 Cookies

Domain/Path Name / Value
myclick-2.com/ Name: 6b9a00393fb1607b0ada13520f814ab5
Value: 6b9a00393fb1607b0ada13520f814ab5
.myclick-2.com/ Name: _ga
Value: GA1.2.162769443.1647095562
.myclick-2.com/ Name: _gid
Value: GA1.2.1081868322.1647095562
.myclick-2.com/ Name: _gat
Value: 1
mega-prizes.life/ Name: sid
Value: t4~qx452mw2on0mjavuk51ug4s3
mega-prizes.life/ Name: p1
Value: https://tireshellfrom.xyz/xafxytqm/
mega-prizes.life/ Name: s1
Value: fdd3lckn3aa3kg4t